Date: Wed, 25 Apr 2001 17:25:29 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Gunther Schadow" <gunther@aurora.regenstrief.org> Cc: <freebsd-net@FreeBSD.ORG> Subject: Re: VPN tunnel with DHCP ... Message-ID: <200104252125.RAA12766@khavrinen.lcs.mit.edu> In-Reply-To: <003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca> References: <3AE7303F.957DE6DC@aurora.regenstrief.org> <003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
[Original attribution lost.]
>> now, the problem is that the ${sohoip} is dynamically assigned
>> with DHCP. How can the gateway at the headquarter know that
>> ${sohoip} address?
I don't know whether this is actually possible to do yet. But, you
should be able to configure racoon to use a public-key certificate for
authentication, and identify your SOHO users by their names rather
than the random DHCP address. However, it looks like you will still
lose because racoon does not appear to have a mechanism to
automatically add SPD entries based on the authenticated identity of
an ``anonymous'' connection.
-GAWollman
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104252125.RAA12766>